[D:\Program Files\Rising\Rav\combase.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
[D:\Program Files\Rising\Rav\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[D:\Program Files\Rising\Rav\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
[D:\Program Files\Rising\Rav\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
[D:\Program Files\Rising\Rav\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.9]
[D:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
[D:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 1424 / SYSTEM][D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 2384 / LOCAL SERVICE][D:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\System32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 3544 / zhang163][D:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1007]
[d:\documents and settings\zhang163.b54142aa15f0459\application data\ppstream\bin\1.0.0.2\vodrc.dll] [ppstream.com, 1.0.0.2]
[D:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 75]
[D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29]
[D:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll] [RealPlayer, 1.0.1.57]
[D:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[D:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\Program Files\Real\RealPlayer\lang\rpbrp_cn.dll] [RealNetworks, Inc., 6.0.14.0]
[D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[D:\WINDOWS\system32\urlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15]
[D:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.15]
[D:\PROGRA~1\LEAPFT~1.0\lftpie.dll] [LeapWare, 3.0.0.1]
[D:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[D:\WINDOWS\system32\Amhooker.dll] [A4Tech Co.,Ltd., 7.42.0.0]
[D:\Program Files\Common Files\Microsoft Shared\INK\PENCHS.DLL] [Microsoft Corporation, 1.0.1038.0]
[D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[D:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.48]
[D:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0]
[D:\WINDOWS\system32\msdmo.dll] [, ]
[D:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xmvsource.dll_1_work] [XunLei, 1, 0, 0, 5]
[D:\Program Files\超级转换秀\ac3filter.ax] [, 1.01a]
[D:\WINDOWS\system32\ffdshow.ax] [, 1.0.2.2028]
[D:\Program Files\StormII\Codec\MpaSplitter.ax] [Gabest, 1, 0, 0, 1]
[D:\Program Files\StormII\Codec\MP4Splitter.ax] [Gabest, 1, 1, 0, 0]
[D:\PROGRA~1\COMMON~1\uusee\UFDeMux.ax] [uusee, 2, 0, 0, 5]
[D:\Program Files\超级转换秀\RealMediaSplitter.ax] [Gabest, 1, 0, 0, 4]
[D:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin17.dll] [Thunder Networking Technologies,LTD, 3, 1, 5, 78]
[PID: 1192 / zhang163][D:\Program Files\Thunder Network\WebThunder\WebThunder.exe] [深圳市迅雷网络技术有限公司, 1, 13, 1, 224]
[D:\Program Files\Thunder Network\WebThunder\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1007]
[D:\Program Files\Thunder Network\WebThunder\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 3, 1, 56]
[D:\Program Files\Thunder Network\WebThunder\download_interface.dll] [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
[D:\Program Files\Thunder Network\WebThunder\stlport_vc646.dll] [STLport Consulting, Inc., 4.6.2003.1031]
[D:\Program Files\Thunder Network\WebThunder\asyn_dns.dll] [Thunder Networking Technologies,LTD, 2, 21, 2, 217]
[D:\Program Files\Thunder Network\WebThunder\streammedialib.dll] [, 1, 3, 2, 124]
[D:\Program Files\Thunder Network\WebThunder\al.dll] [, 1, 0, 1, 3]
[D:\Program Files\Thunder Network\WebThunder\bd.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 6]
[D:\Program Files\Thunder Network\WebThunder\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 16, 5, 63]
[D:\Program Files\Thunder Network\WebThunder\CacheServer.dll] [, 1, 0, 0, 1]
[D:\Program Files\Thunder Network\WebThunder\XLSafe\SafeInfo.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 2]
[D:\Program Files\Thunder Network\WebThunder\XLSafe\RMFScan.dll] [N/A, ]
[D:\Program Files\Thunder Network\WebThunder\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 3, 4, 18]
[D:\Program Files\Common Files\Microsoft Shared\INK\PENCHS.DLL] [Microsoft Corporation, 1.0.1038.0]
[D:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.48]
[D:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[D:\WINDOWS\system32\Amhooker.dll] [A4Tech Co.,Ltd., 7.42.0.0]
[D:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin17.dll] [Thunder Networking Technologies,LTD, 3, 1, 5, 78]
[D:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0]
[d:\documents and settings\zhang163.b54142aa15f0459\application data\ppstream\bin\1.0.0.2\vodrc.dll] [ppstream.com, 1.0.0.2]
[D:\Program Files\Thunder Network\WebThunder\DownAndPlay\WebDownAndPlay.dll] [ShenZhen Thunder Networking Technologies Ltd., 1, 0, 4, 22]
[D:\Program Files\Thunder Network\WebThunder\XLStatistic\XLStatisticAddin.dll] [深圳市迅雷网络技术有限公司, 1, 4, 1, 5]
[PID: 3236 / zhang163][D:\Documents and Settings\zhang163.B54142AA15F0459\桌面\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210]
[PID: 3244 / zhang163][D:\Documents and Settings\zhang163.B54142AA15F0459\桌面\sreng2\SRE12929023.EXE] [Smallfrogs Studio, 2.7.0.1210]
[D:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1007]
[D:\WINDOWS\system32\Amhooker.dll] [A4Tech Co.,Ltd., 7.42.0.0]
[D:\Documents and Settings\zhang163.B54142AA15F0459\桌面\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT Error. [D:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [D:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS Error. [豪杰超级解霸V8_VBS]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 c0mo.com
127.0.0.1 gxgxy.net
127.0.0.1 444.gmwo07.com
127.0.0.1 333.gmwo07.com
127.0.0.1 222.gmwo07.com
127.0.0.1 111.gmwo07.com
127.0.0.1 haha.yaoyao09.com
127.0.0.1 www.noseqing.cn
127.0.0.1 fg.pvs360.com
127.0.0.1 cw.pvs360.com
127.0.0.1 ta.pvs360.com
127.0.0.1 dl.pvs360.com
127.0.0.1 ok.sl8cjs.cn
127.0.0.1 nc.mskess.com
127.0.0.1 idc.windowsupdeta.cn
127.0.0.1 pvs360.com
127.0.0.1 sl8cjs.cn
127.0.0.1 windowsupdeta.cn
127.0.0.1 up.22x44.com
127.0.0.1 my.531jx.cn
127.0.0.1 nx.51ylb.cn
127.0.0.1 llboss.com
127.0.0.1 down.malasc.cn
127.0.0.1 d2.llsging.com
127.0.0.1 171817.171817.com
127.0.0.1 wg.47255.com
127.0.0.1 www.tomwg.com
127.0.0.1 tp.shpzhan.cn
127.0.0.1 1.joppnqq.com
127.0.0.1 xx.exiao01.com
127.0.0.1 www.22aaa.com
127.0.0.1 ilove.com
127.0.0.1 xxx.mmma.biz
127.0.0.1 www.868wg.com
127.0.0.1 2.joppnqq.com
127.0.0.1 1.jopanqc.com
127.0.0.1 yu.8s7.net
127.0.0.1 1.jopmmqq.com
127.0.0.1 cao.kv8.info
127.0.0.1 xtx.kv8.info
127.0.0.1 new.749571.com
127.0.0.1 xxx.vh7.biz
127.0.0.1 1.jopenkk.com
127.0.0.1 d.93se.com
127.0.0.1 3.joppnqq.com
127.0.0.1 xxx.j41m.com
127.0.0.1 1.jopenqc.com
127.0.0.1 xxx.m111.biz
127.0.0.1 down.18dd.net
127.0.0.1 www.333292.com
127.0.0.1 qqq.hao1658.com
127.0.0.1 qqq.dzydhx.com
127.0.0.1 www.exiao01.com
127.0.0.1 www.cike007.cn
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1848, D:\PROGRA~1\A4TECH\MOUSE\AMOUMAIN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3236, D:\DOCUMENTS AND SETTINGS\ZHANG163.B54142AA15F0459\桌面\SRENG2\SRENGLDR.EXE]
==================================
计划任务
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]